[This was originally published on the OSVDB blog.]
I know the title of this may seem to be a slight on the researches I will use as examples, but that is not the case at all. Some people in the security community have a perception that some vulnerability researchers are so-called “one trick ponies“, meaning they know one trick and are not able to offer diversity or research different types of issues.
In some cases this might be accurate, as the ability to test and “research” vulnerabilities such as cross-site scripting takes nothing more than a simple cut/paste and witnessing a resulting pop-up. Other researchers may know the basics of overflows or format strings, but not know how to exploit more tricky occurrences. Even so, these people show that countless programs, even recently developed ones, continue to suffer from the same old weaknesses we’ve seen over the last twenty years. They show that many programmers still don’t get it, don’t learn from history, and do not practice secure coding techniques.
In other cases, some researches stick to what they do best, and it isn’t a lack of proficiency affecting their results. Like them or not, their efforts do serve a good purpose and they have good intentions.